Posted: Fri Feb 03, 2023 0:41 Post subject: I have a NetGear 7000 and need help
My first question is what firmware should I use.
I am on the beta build 51530 now I was on 48432 previously.
My main wireless mesh network that has a combined 2.4 and 5ghz under one SSID.
I use my dd-wrt to feed old or strange IoT devices that don't like mesh networks. My doorbell is one such thing and it is in the front of the house so I have to use a LinkSys wifi extender to get to it off the DD-WRT. My DD-WRT is a seperate 192.168.X.X network.
It has been stable under 48432 when it was setup as a separate put a need has come up to make the DD-WRT to be on the same 10.X network as everything else. When I did that after about a day the DD-WRT stops working. It wouldn't respond to any requests just dead.
I am not sure I have setup the bridge mode configuration correctly.
Should I use the LAN port to connect to my main network or just use the switch ports?
Any advice or possible recommendations would be welcome.
Under the advanced routing I was still in Gateway vs router mode so hopefully that was what was causing it to crash every day. (Hopefully... It will take 24 hours or so before I know for sure.)
I will update if it is stable for a few days.
Also is it a BAD idea to be using the latest builds and what is considered the best build now?
Joined: 18 Mar 2014 Posts: 12889 Location: Netherlands
Posted: Fri Feb 03, 2023 11:53 Post subject:
Gateway or router mode does not matter at all in this case.
There is now WAN so also no NAT.
I always keep it in the default Gateway mode.
This is how I setup a Wireless Access Point:
Quote:
A secondary router connected wired LAN<>LAN on the same subnet as the primary router.
Setup:
• On Basic Setup page:
o WAN disabled
o DHCP server Disabled (=off and NOT set as Forwarder!)
o Local IP address in subnet of primary router but outside DHCP scope, make sure the used IP address is unique on your network you cannot have duplicates.
You can run udhcpc to give the WAP a static lease but because you can it doesn't mean you should
o Gateway and Local DNS pointing to primary router
Example:
If your primary router is 192.168.1.1 then set the Local IP address of the WAP to 192.168.1.2 (make sure that is not used).
The Gateway and Local DNS are set to point to the primary router e.g.: 192.168.1.1
• Keep DNSMasq enabled (both on Basic Setup page and Services page)
• On Setup > Advanced Routing, keep Operating mode in the default Gateway (the wiki says Router mode but do not do that, either it does not matter (this case) or break things)
• On Security > Firewall keep the SPI Firewall enabled, although you do not want a firewall it will be automatically disabled as there is no WAN so no need to change this setting form default.
• Connect LAN <> LAN (do not use the WAN port unless you really need that extra port, for most routers traffic still must use the CPU so performance is lacklustre and there are some routers where the WAN port is not added to br0 so the WAN port could be non-functional on some routers).
Note: For Broadcom routers for best throughput enable CTF on Basic Setup Page
If you have unbridged interfaces on the WAP (Virtual Access Point (VAP) , bridge etc ), you have to add the following rule to the firewall in order to get internet access.
In the web-interface of the router (the WAP): Administration > Commands save Firewall:
#Always necessary (alternatively set static route on main router and NAT traffic from VAP/Bridge out via WAN):
iptables -t nat -I POSTROUTING -o br0 -j SNAT --to $(nvram get lan_ipaddr)
If you want to only have the VAP/bridge to have internet access and not access to the rest of the network
#Replace with the appropriate interface of your VAP, e.g. wl0.1, wlan0.1 etc:
GUEST_IF="wlan1.1"
#Net Isolation does not work on a WAP so keep it disabled, add for isolating VAP from main network:
iptables -I FORWARD -i $GUEST_IF -d $(nvram get lan_ipaddr)/$(nvram get lan_netmask) -m state --state NEW -j REJECT
Joined: 04 Jan 2007 Posts: 11564 Location: Wherever the wind blows- North America
Posted: Fri Feb 03, 2023 14:28 Post subject:
egc wrote:
Having the same name for both 2.4 and 5 GHz does not always work the way you expect/want.
Joe....I 100% agree with this statement from egc....I have a pair of 7000s as Station Bridge/AP setup on my network and I always had trouble trying to get reliable connections with both 2.4GHz and 5GHz communicating on my network. Once I split them (SB on 2.4GHz and AP on 5GHz) then I haven't looked back....that was years ago. It's one thing I stopped trying to test...I'm suspecting it may be part of your problem as well.
Posted: Fri Feb 03, 2023 23:21 Post subject: Thanks
I don't see the option to disable WAN it is my understanding that may have been removed in later firmwares.
I think I have everything done correctly... More or less...
My main network is 10.0.2.X and my main router is 10.0.2.1 with this device set as 10.0.2.253 (an address never used or able to be assigned by anyone on the 10.0.2.x network.) I also have no nat services active. I don't know why the thing works fine and then tends to die every night around 8-9PM. It is very strange.
It is 7:46 now... So in a few hours I should know if it is more stable then before.
Is there someway I can do a configuration dump that is useful for people to look at and they can tell me what my mistake maybe?
I am not looking to limit the AP access to the main 10.0.2.x network... I want devices who join it to be the same as devices who join the main wifi network that is off the 10.0.2.1 access point. My main wifi is an AP that is a mesh network off the 10.0.2.1 device... and this device on 10.0.2.253 is just passing dhcp requests to 10.0.2.1... Just like the Mesh Access point.
"WAN Connection Type". What was removed is "Assign WAN port to switch". _________________ "The woods are lovely, dark and deep,
But I have promises to keep,
And miles to go before I sleep,
And miles to go before I sleep." - Robert Frost
"I am one of the noticeable ones - notice me" - Dale Frances McKenzie Bozzio
Can you post some captures of your configuration screens in DD-WRT so I can see what I am doing wrong.
Mine still died at 8PM and I couldn't get it working again.
So I had to configure it back as a seperate network until I can figure out what I am doing wrong having it as an access point.
Did you restore a setting backup after flashing? If so you may consider to factory reset and redo all the settings manually.
I also have Netgear R7000. After flashing the firmware from 2023-01-14 + restore previous settings. It exhibits strange behavior (the kind of I did setting by the book, it was working before but not now). Members in this forum could not confirm the weird issue.
I was advised a basic precaution of just factory reset and redo all the settings from scratch. All problems were fixed.
Joined: 16 Nov 2015 Posts: 6440 Location: UK, London, just across the river..
Posted: Sat Feb 04, 2023 18:09 Post subject:
its a bad idea both SSID with same name ..change names happy life...
it worked for 20H than stopped .... check R7000 power supply bad PSU=lots or weirdness
must be 3.5A or more i got 5A on my R7000 so, i know it has enough...but the original died and caused me all sorts of nastiness...
also:
-follow the egc WAP guide it makes more sense...
-R7000 is a Broadcom based and its radios could be very picky on clients side...
-I recently found something i dont like about those and stopped using my R7000 radio... _________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 55630 WAP
TP-Link WR1043NDv2 -DD-WRT 55723 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55779 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55819 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55779 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
Did you restore a setting backup after flashing? If so you may consider to factory reset and redo all the settings manually.
I also have Netgear R7000. After flashing the firmware from 2023-01-14 + restore previous settings. It exhibits strange behavior (the kind of I did setting by the book, it was working before but not now). Members in this forum could not confirm the weird issue.
I was advised a basic precaution of just factory reset and redo all the settings from scratch. All problems were fixed.
Yes I saw that as well... The restoring configuration is JUST not working at all.
Not even from the same version of firmware. So I did blow it all away and setup from scratch. No luck.
its a bad idea both SSID with same name ..change names happy life...
it worked for 20H than stopped .... check R7000 power supply bad PSU=lots or weirdness
must be 3.5A or more i got 5A on my R7000 so, i know it has enough...but the original died and caused me all sorts of nastiness...
also:
-follow the egc WAP guide it makes more sense...
-R7000 is a Broadcom based and its radios could be very picky on clients side...
-I recently found something i dont like about those and stopped using my R7000 radio...
I agree have one network called PIA and the other is PIA5.
I still have the original and perhaps that is an issue... But the original is working fine as a seperate network and only giving me issues when configured as a AP. So I am not saying it is not possible but you wouldn't think the AP config would need more power.
